REMARKS/ARGUMENTS 

The rejections presented in the Office Action dated April 21, 2005 (hereinafter 
Office Action) have been considered. The specification has been amended to correct a 
reference number error. Claims 1,16, 28, 32, and 33 have been amended, and Claims 34-36 
have been added. No new matter has been added. Claims 1-36 remain pending in the 
application. 

Claims 3-6, 8, 9, 11-14, 17-20, and 23-27 are objected to as being dependent upon a 
rejected base claim, but would be allowable if rewritten in independent form. The 
conditional allowability of Claims 3-6, 8, 9, 1 1-14, 17-20, and 23-27 is acknowledged, and 
the Applicant thanks the Examiner for favorable consideration of these claims. 
Reconsideration of the pending claims and allowance of the application in view of the 
present response is respectfully requested. 

Claims 1-2, 7, 10, 15-16, 21, and 32-33 stand rejected under 35 U.S.C. §103(a) as 
being unpatentable over U.S. Patent No. 6,463,534 to Geiger et al. (hereinafter Geiger) in 
view of U.S. Publication No. 2002/0004390 to Cutaia et al (hereinafter Cutaia), Applicants 
respectfully traverse the rejection. 

According to MPEP §2142, to establish a prima facie case of obviousness under 35 
U.S.C. §103: 

1) there must be some suggestion or motivation either in the references 
themselves or in the knowledge generally available to one of ordinary skill in the 
art, to modify the reference or to combine reference teachings; 

2) there must be a reasonable expectation of success; and 

3) the prior art reference (or references when combined) must teach or 
suggest all the claim limitations. 

The Applicant respectfully submits that the combination of Geiger in view of 
Cutaia does not teach or suggest all of the limitations of Claims 1-2, 7, 10, 15-16, 21, and 
32-33, as originally filed and particularly as amended. Applicant's invention as recited, for 
example, in amended independent claims 1,16, 28, 32, and 33, is directed to receiving a 
security certificate utilized by a wireless terminal in establishing a connection. The 
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connection is directed to either the targeted service or an enrollment manager depending on 
the security certificate utilized in establishing the connection. If the connection is directed 
to the enrollment manager, user registration is effected using a user identity and a private 
key. The combination of Geiger with Cutaia does not teach or suggest each and every one 
of these limitations. 

Generally, Geiger describes a system for performing secure wireless transactions. 
Geiger appears to show receiving a certificate from a wireless terminal with security 
information indicative of user access rights and determining whether the received certificate 
corresponds to an authentication certificate of a targeted service. However, Geiger does not 
teach or suggest directing the network connection to an enrollment module to register for 
the authentication certificate if the received certificate does not correspond to the 
authentication certificate. For example, in col. 13, lines 54, Geiger states that "the client 
delivers a certificate to the AA that is certified within the wireless service provider domain 
500, ... The AA server verifies this certificate in step 545 ... and the AA is ready to deliver 
the content item (attribute) to the client." As to how users are authorized to enter particular 
domains, Geiger only states that the manufacturer can enroll users, distribute keys through 
the service provider domains, assign to device identifiers, and distribute via WIM card (col. 
14, lines 20-37). Geiger is silent as to what happens if authentication fails, or how users can 
enroll for certificates upon authentication failure. 

Cutaia is directed to a telecommunications management service. In paragraph 
[0040] relied upon in the Office Action, Cutaia describes a customer contact management 
system that directs a user to a registration step if the user's computer lacks a corresponding 
registration "cookie," or if it is detected that the user has not previously registered. 
However, Cutaia does not teach or suggest providing authentication certificates at the 
registration step. Instead, what is provided in Cutaia 's registration step is a user account 
creation form. Therefore Cutaia does not teach an enrollment manager that can provide 
authentication certificate which identifies access rights for a targeted service. 

Further, the combination of Gieger and Cutaia fails to teach or suggest that the user 
is directed to register for the authentication certificate using a user identity and private key. 
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Geiger is silent on the particulars of producing authentication certificates, merely stating 
that "[d]omain members may be issued small attribute certificates, tied to their private 
domain key, that indicate purchased services or special rights being granted." (col. 11, lines 
1-3). This description falls short of describing a system for registering for authentication 
certificates using a user identity and private key. Cutaia is silent on any aspect of 
authentication certificates, therefore the combination of Gieger and Cutaia fails to teach or 
suggest this claim limitation. 

In addition, there is no motivation to combine Gieger with Cutaia. Neither 
reference addresses at least one problem addressed by the Applicant's invention, namely 
the inconvenience faced by a user in having to initiate a new and different connection {e.g., 
a WAP gateway connection) if authentication fails for a particular secure service. Geiger 
simply describes a situation where the behavior is undefined if the user is without the 
correct authentication certificate. Geiger fails to teach or otherwise disclose that a user may 
have to initiate a new connection in order to obtain the correct certificate. Cutaia describes 
a process for registration with a customer management system, and no new connection to a 
different service is required if the user in Cutaia is not currently registered. In Cutaia the 
same connection can be used to access the registration form (either by telephone or by a 
web browser) if the user was not currently registered. Neither reference recognizes that a 
wireless terminal user will have to contact an enrollment gateway using a new and different 
connection if the attempt to reach a target service is unauthorized. Because Gieger and 
Cutaia do not teach every claim limitation, and because motivation to combine Gieger with 
Cutaia is lacking, the Applicant respectfully submits that a prima facie case of obviousness 
has not been established. Therefore independent claims 1, 16, 28, 32, and 33 are in 
condition for allowance. 

Dependent Claims 2, 7, 10, 15, and 21, which depend from respective independent 

Claims 1 and 16 were also rejected under 35 U.S.C. §103(a) as being unpatentable over 

Geiger in view of Cutaia. While Applicant does not acquiesce to the particular rejections 

to these dependent claims, it is believed that these rejections are now moot in view of the 

amendments and remarks made in connection with independent claims 1 and 16. These 

dependent claims include all of the limitations of the base claim and any intervening claims, 
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and recite additional features which further distinguish these claims from the cited 
references. Therefore, dependent claims 2, 7, 10, 15, and 21 are also patentable over the 
combination of Geiger and Cutaia. 

Claim 22 stands rejected under 35 U.S.C. § 103(a) as being unpatentable over 
Geiger in view of Cutaia and further in view of U.S. Patent No. 6,367,013 to Bisbee et al. 
(hereinafter Bisbee), Applicant respectfully traverses the rejection. 

As argued hereinabove, the combination of Geiger and Cutaia at least fail to teach 
or suggest directing a network connection to an enrollment manager to register for an 
authentication certificate using a user identity and private key if authentication fails. Bisbee 
fails to remedy the deficiencies of Geiger and Cutaia. Bisbee is directed to a system for 
dealing with the validity periods associated with authentication certificates. Bisbee 
describes re-validating the certificate at a Trusted Custodial Unit (TCU) in order to extend 
these validity periods (e.g., col. 4, lines 42-48). However, Bisbee is silent as to enabling 
enrollment for authentication certificates in situations where authentication fails. 
Therefore, the combination of Geiger, Cutaia, and Bisbee fail to teach or suggest directing 
a connection to an enrollment manager to effect user registration if authentication fails. 
Thus Applicant respectfully submits that a prima facie case of obviousness has not been 
established, and Claim 22 is in condition for allowance. 

Claims 28-31 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over 
U.S. Patent No. 6,463,534 to Rajan et al. (hereinafter Rajan) in view of Geiger and further 
in view of Cutaia. Applicant respectfully traverses the rejection. 

Applicant first notes that the patent number 6,463,534 shown in the Office Action 
for Rajan is actually the patent number of Geiger. Further, Geiger is listed twice in the 
Notice of References cited, but Rajan is not listed at all. Without further information, 
Applicant cannot conclusively determine the identity of the Rajan reference relied upon in 
the Office Action. Therefore, Applicant respectfully requests that the correct patent number 
for Rajan be provided in a subsequent correspondence. 

Regardless, Applicant traverses the rejection, and contends that the combination of 
Geiger and Cutaia fail to teach at least the claim limitations of independent Claim 28 as set 
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forth in the Office Action. According to the Office Action, Raj an does not teach a network 
switch coupled to receive an authentication certificate utilized by a wireless terminal in 
establishing a connection to the server computing server or the enrollment server depending 
on the authentication certificate utilized by the wireless terminal in establishing the 
connection. Nonetheless, according to the Office Action, Geiger teaches storing wireless 
certificates on mobile devices, and Cutaia teaches the concept of switching either to inquiry 
services or registration services based on whether the inquiry information from the 
customer contained registration information. Therefore, according to the Office Action it 
would be obvious to combine Geiger and Cutaia with Raj an. 

As argued hereinabove, the combination of Geiger and Cutaia at least fail to teach 
or suggest directing a network connection to an enrollment manager to register for an 
authentication certificate using a user identity and private key if authentication fails. 
According the Office Action, Rajan does not teach a network switch that directs a network 
connection to an enrollment server depending on the authentication certificate utilized by 
the wireless terminal in establishing the connection. Therefore, the combination of Rajan,, 
Geiger and Cutaia also fail to teach this claim limitation, and Applicant submits that 
Claims 28-3 1 are also in condition for allowance. 

If the Examiner believes it necessary or helpful, the undersigned agent of record 
invites the Examiner to contact him at 952-854-2700 to discuss any issues related to this 
case. 



Respectfully submitted, 



Date: 




William B. Ashley \y 
Reg. No. 51,419 
Hollingsworth & Funk, LLC 
8009 34 th St. S. Suite 125 



Minneapolis, Minnesota 55425 
(952) 854-2700 
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